[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pamldap
Subject:    RE: [nssldap] Re: [pamldap] md5 password stuff
From:       Justin Hahn <jeh () profitlogic ! com>
Date:       2001-07-25 14:58:40
[Download RAW message or body]

Bad idea. At present EXOP password changes are NOT replicated by slurpd in
OpenLDAP versions up to and including 2.0.11. I submitted the bug to their
ITS last week and Kurt Zeilenga has apparently fixed it in CVS. I'd wait for
2.0.12 before using EXOP unless you want to use CVS.

--jeh

> -----Original Message-----
> From: Andreas Hasenack [mailto:andreas@conectiva.com.br]
> Sent: Wednesday, July 25, 2001 10:22 AM
> To: Paulo Matos
> Cc: nssldap@padl.com; pamldap@padl.com
> Subject: [nssldap] Re: [pamldap] md5 password stuff
> 
> 
> Em Wed, Jul 25, 2001 at 01:05:16AM +0100, Paulo Matos escreveu:
> > 	The md5 password problem is indeed the BSD-style MD5-based
> > password problem (aka, $1$saltstr$....). I was affected 
> also with this
> > problem.
> > 
> > 	The problem is identified and is located on openldap.
> > 	Why? Because there is a large set of md5 algorithms and openldap
> > team choose, only to support those who are implemented by 
> openssl libs.
> 
> I think the best solution would be to let openldap handle 
> this, via the EXOP
> password change, for example, which pam_ldap supports.
> 
> > 	I volunteered to make a workarround to openldap in 
> order to solve
> > this problem once for all, so whenever this kind of md5 algorithm is
> > supported by crypt(3) this will be solved.
> 
> Any news on that?
> 

[prev in list] [next in list] [prev in thread] [next in thread]